Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected - sas scan


  • Please log in to reply
19 replies to this topic

#1 sniper8752

sniper8752

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 11:06 AM

I ran a SuperAntispyware scan, and it came up with the following:

http://www.mediafire.com/imageview.php?quickkey=intkzvm5gnb2f9z

I wanted to see what action I should take... if I should just remove them, or will need to do further testing to clean my computer.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 11:23 AM

Can you post the full log instead of a screenshot of the actual infections?

#3 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 11:54 AM

the rest are just tracking cookies.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 11:57 AM

The full log is very important to post.

#5 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 11:59 AM

SUPERAntiSpyware Scan Log

http://www.superantispyware.com



Generated 03/29/2012 at 12:53 PM



Application Version : 5.0.1146



Core Rules Database Version : 8396

Trace Rules Database Version: 6208



Scan type       : Complete Scan

Total Scan Time : 02:00:46



Operating System Information

Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Limited User



Memory items scanned      : 627

Memory threats detected   : 0

Registry items scanned    : 71207

Registry threats detected : 0

File items scanned        : 119472

File threats detected     : 67



PUP.CNETInstaller

	C:\USERS\USERNAME\DOWNLOADS\CNET2_TS76_EXE.EXE



Trojan.Agent/Gen-Sisproc

	C:\USERS\USERNAME\DOWNLOADS\OSL2000.EXE



Adware.Tracking Cookie

	.imrworldwide.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.imrworldwide.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.invitemedia.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	tracker.citizenhawk.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.apmebf.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.xiti.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	wstat.wibiya.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.dmtracker.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.accounts.google.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.accounts.google.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	in.getclicky.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.getclicky.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.static.getclicky.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.qsstats.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.microsoftsto.112.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.statcounter.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.histats.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.histats.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.oracle.112.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.allegis.122.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.clickmanage.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.clickmanage.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.doubleclick.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	search.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.search.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.search.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.search.crackle.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.stats.slashgear.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.liveperson.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	sales.liveperson.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.liveperson.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	sales.liveperson.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	accounts.google.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	accounts.google.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.statcounter.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.invitemedia.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.enterprisemediagroup.112.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	www.qsstats.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.invitemedia.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	click.circuitcity-online.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	click.circuitcity-online.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.apmebf.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.account.norton.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.account.norton.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.account.norton.com [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

	.siemens.112.2o7.net [ C:\USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 12:45 PM

Please download the following and run them, then post the logs.

Malwarebytes Anti-Malware

NOTEMalwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#7 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 12:59 PM

i have a 64-bit machine. what should I do for gmer?

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 01:14 PM

Run it anyways.

#9 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 03:26 PM

Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.29.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Username :: USERNAME-PC [administrator]

Protection: Enabled

3/29/2012 1:57:46 PM
mbam-log-2012-03-29 (13-57-46).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 486825
Time elapsed: 1 hour(s), 57 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

will have to do gmer next...

#10 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 06:58 PM

and gmer...

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-29 19:57:03
Windows 6.1.7601 Service Pack 1
Running: f7fvlwff.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb42076ee3
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\4ceb42076ee3@ccf9e8b51c27 0x59 0x7C 0x22 0x69 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc773713b356
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc773713b356@1474114b6a63 0xE3 0x8F 0x37 0x29 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc773713b356@dc2c26b07db0 0x0F 0x2A 0x38 0x29 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb42076ee3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\4ceb42076ee3@ccf9e8b51c27 0x59 0x7C 0x22 0x69 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc773713b356 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc773713b356@1474114b6a63 0xE3 0x8F 0x37 0x29 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc773713b356@dc2c26b07db0 0x0F 0x2A 0x38 0x29 ...

---- EOF - GMER 1.0.15 ----

i'm thinking these are from my brother printer???

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 07:33 PM

Im not seeing infections, can you now do a free online scan via ESET and provide the logs?

#12 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 29 March 2012 - 07:45 PM

maybe they are just missing something....

#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 29 March 2012 - 07:47 PM

And thats why I am having you do a free eset scan.

#14 sniper8752

sniper8752
  • Topic Starter

  • Members
  • 385 posts
  • OFFLINE
  •  
  • Local time:01:11 PM

Posted 30 March 2012 - 06:33 AM

C:\ProgramData\YouTube Downloader\ytd_installer.exe	probably a variant of Win32/Toolbar.Widgi application
C:\Users\All Users\YouTube Downloader\ytd_installer.exe	probably a variant of Win32/Toolbar.Widgi application
C:\Users\USERNAME\Downloads\CheatEngine61.exe	a variant of Win32/HackTool.CheatEngine.AB application
C:\Users\USERNAME\Downloads\cnet2_tS76_exe.exe	a variant of Win32/InstallCore.D application
C:\Users\USERNAME\Downloads\dexpot_1515_r1799.exe	Win32/OpenCandy application
C:\Users\USERNAME\Downloads\winamp5622_full_emusic-7plus_en-us.exe	Win32/OpenCandy application
C:\Users\USERNAME\Downloads\YouTubeDownloaderSetup34(1).exe	a variant of Win32/Toolbar.Widgi application
C:\Users\USERNAME\Downloads\YouTubeDownloaderSetup34.exe	a variant of Win32/Toolbar.Widgi application
C:\Users\USERNAME\Downloads\Windows XP Pro 32-Bit SP3 10-20-2008 Activated\XP DISK IMAGE.iso	a variant of Win32/PSWTool.RAS.A application

sounds like a lot of false positives lol

Edited by sniper8752, 30 March 2012 - 06:41 AM.


#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:11 PM

Posted 30 March 2012 - 12:25 PM

This is the only one that worries me:

C:\Users\USERNAME\Downloads\Windows XP Pro 32-Bit SP3 10-20-2008 Activated\XP DISK IMAGE.iso a variant of Win32/PSWTool.RAS.A application

Are you using a legit version of Windows?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users